11 matches found
vantage6 does not properly delete linked resources when deleting a collaboration
When a collaboration is deleted in vantage6, the linked resources such as tasks from that collaboration are not properly deleted. This is partly to manage data properly, but also to prevent a potential but unlikely side-effect, where if a collaboration with id=10 is deleted, and subsequently a ne...
GHSA-RF54-7QRR-96J6 vantage6 does not properly delete linked resources when deleting a collaboration
When a collaboration is deleted in vantage6, the linked resources such as tasks from that collaboration are not properly deleted. This is partly to manage data properly, but also to prevent a potential but unlikely side-effect, where if a collaboration with id=10 is deleted, and subsequently a ne...
PYSEC-2023-200
vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources such as tasks from that collaboration should be deleted. This is partly to manage data properly, but also to prevent a potential but unlikely side-effect that affects versions...
CVE-2023-41881 Deleting a collaboration should also delete linked resources
vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources such as tasks from that collaboration should be deleted. This is partly to manage data properly, but also to prevent a potential but unlikely side-effect that affects versions...
CVE-2023-41881 Deleting a collaboration should also delete linked resources
vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources such as tasks from that collaboration should be deleted. This is partly to manage data properly, but also to prevent a potential but unlikely side-effect that affects versions...
vantage6 Code Issue Vulnerability
vantage6 is a vantage6 open source priVAcy preserviNg federalTed leArningG infrastructure for Secure Insight eXchange. A code issue vulnerability exists in versions prior to vantage6 3.3.6 that stems from deleting a collaboration without deleting the linked resources e.g., tasks in that...
Authentication flaw
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the makeRequest gadget resource. The affected versions are before version 8.13.3, and from version 8.14.0...
CVE-2021-26070
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the makeRequest gadget resource. The affected versions are before version 8.13.3, and from version 8.14.0...
Gadget resource makeRequest defeats behind-the-firewall protection of app-linked resources - CVE-2021-26070
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the makeRequest gadget resource. The affected versions are before version 8.13.3, and from version 8.14.0...
Man-in-the-middle (MitM)
Firefox is vulnerable to man-in-the-middle MitM. The Upgrade-Insecure-Requests UIR specification states that if UIR is enabled through Content Security Policy CSP, navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the...
DOMParser loads linked resources in extensions when parsing text/html — Mozilla
Security researcher vsemozhetbyt reported that when the DOMParser is used to parse text/html data in a Firefox extension, linked resources within this HTML data will be loaded. If the data being parsed in the extension is untrusted, it could lead to information leakage and can potentially be...